Senior Security Engineer

About the RoleCantor's Information Security team protects the firm's global infrastructure across firewalls, remote access, and critical network platforms. We collaborate closely with engineering, architecture, and external partners to define and deliver best-in-class network security across the enterprise.We are looking for a Senior Security Engineer to act as a senior technical authority across Cantor, BGC, and Newmark. This is a highly hands-on role focused on architecture, engineering excellence, and technical leadership at scale. What You'll DoAs a Senior Security Engineer, you will:Own the architecture, design, and technical direction of network security platforms.Lead evaluation, selection, and deployment of advanced security technologies.Drive resolution of complex, high-impact incidents as the final technical escalation point.Define and execute multi-year initiatives across automation, observability, and modernization.Influence engineers, architects, and leadership to align on a strategic security roadmap.Mentor team members and elevate the technical bar across Information Security. Key ResponsibilitiesArchitecture & Strategy Define and own security architectures, standards, and reference patternsAlign designs with business objectives and risk frameworksEngineering & ImplementationLead complex implementations, upgrades, and transformationsProvide deep technical oversight on critical changesIncident & Problem Leadership Act as final escalation point for major incidentsDrive root cause analysis and enterprise-wide remediation strategiesLeadership & Collaboration Mentor engineers and lead cross-functional initiativesPartner with Architecture, SOC, NOC, Infrastructure, and vendors Core Technical ExpertiseFirewalls: Palo Alto (Panorama, PAN-OS, advanced policy design)Application Delivery: F5 (LTM, GTM/DNS)Web Application Firewalls (WAF): Cloudflare preferred (Akamai, AWS WAF, Imperva, F5 also considered)Networking: BGP, OSPF, segmentation, zero trust architectureSecurity Domains: VPN/ZTNA, DDoS mitigation, hybrid cloud security Nice to HaveZero Trust (ZTNA), SASE architecturesCloud security (AWS, Azure, GCP)Network automation (Terraform, Ansible, Python)

What We're Looking ForProven ability to own and deliver at scaleStrong track record of influencing without authorityAbility to translate complex technical concepts for both technical and executive audiencesDeep expertise across network security architecture and engineering Experience & Qualifications10+ years in network security engineering/architecture (senior/staff level)Bachelor's degree (or equivalent experience)Strong experience with:Palo Alto, F5, WAF platformsHybrid network environmentsCloud networking (AWS, Azure, GCP)Logging/observability (e.g., Splunk) Preferred Certifications: PCNSE, CCIE Security, JNCIE, F5-CSE/CTS, CISSP